ET EXPLOIT_KIT probable malicious Glazunov Javascript injection

7.0.35.0SID: 2015977Rev: 9Disabled25 views
Sourceet/open
Fileemerging-exploit_kit.rules
CreatedDecember 4, 2012
UpdatedMarch 14, 2024
Classificationexploit-kit
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT_KIT probable malicious Glazunov Javascript injection"; flow:established,to_client; flowbits:set,et.exploitkitlanding; file.data; content:"(|22|"; distance:0; content:"|22|))|3b|"; distance:52; within:106; content:")|3b|</script></body>"; within:200; fast_pattern; pcre:"/\(\x22[0-9\x3a\x3b\x3c\x3d\x3e\x3fa-k]{50,100}\x22\).{0,200}\)\x3b<\/script><\/body>/s"; classtype:exploit-kit; sid:2015977; rev:9; metadata:created_at 2012_12_04, signature_severity Major, updated_at 2024_03_14;)

Metadata

created at2012_12_04
signature severityMajor
updated at2024_03_14

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!